Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2024 13:21

General

  • Target

    a4ca571b00a993e1ac9afcf706c992f0_NeikiAnalytics.exe

  • Size

    79KB

  • MD5

    a4ca571b00a993e1ac9afcf706c992f0

  • SHA1

    516037c19deca4c659cb4d33df548e770c8ea748

  • SHA256

    ebeb3e34d33da5624f70dfd802bc71ccc64dbc0602f0f8f9495a1cfa154fc0ef

  • SHA512

    a4a86d78c4d68209b5645affeb6a0481b9cedc464d5b1ff8c70b07f11359f6a2c3b221f170bfde037f9e2fad2f560cb5bf788d085b5fc7df73485942e6b160cc

  • SSDEEP

    1536:zvJRAT+S0kaNVu9TOQA8AkqUhMb2nuy5wgIP0CSJ+5y/AB8GMGlZ5G:zvJR6Z0FNVuUGdqU7uy5w9WMyYN5G

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4ca571b00a993e1ac9afcf706c992f0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a4ca571b00a993e1ac9afcf706c992f0_NeikiAnalytics.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\[email protected]

    Filesize

    79KB

    MD5

    d6e7952bf291674b6ce13176de08ef7f

    SHA1

    9d7d97f6690b9632e994ca611a891d82156e2d86

    SHA256

    80e20107d0bbc3e63123d2b2df9115ffb28a465bb9de759329035dc935227f02

    SHA512

    af438d2e145ca46ba7a416dd1b98c86a9fb9efcde5814e76c05c37e2ac5aba488d21b510ee870bf616367d084b3594134644f420790b526f5c1edbfa5e496845

  • memory/2732-8-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

  • memory/2896-7-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB